How do I pass the HTTP username from Apache to Mongrel/Rails? - ruby-on-rails

The goal: running a Rails application on Mongrels, allowing access through Apache after doing basic HTTP Authentication
The problem: reading the supplied username from within Rails
Apache:
<Proxy balancer://mongrel_cluster>
BalancerMember http://127.0.0.1:4001
# ...
Order deny,allow
Deny from all
AuthType Basic
AuthName "<realm>"
AuthUserFile "<users-file>"
AuthGroupFile "<groups-file>"
Require group <group>
Satisfy Any
</Proxy>
RewriteEngine On
# ...
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://mongrel_cluster%{REQUEST_URI} [P,QSA,L]
That works just fine, Apache forces the user to authenticate and forwards to Rails if successful. I omitted a few lines for handling static files and such, and triggering authentication for them as well.
The environment variables from Rails' perspective contain the usual entries and additionally HTTP_X_FORWARDED_HOST, HTTP_X_FORWARDED_SERVER and HTTP_X_FORWARDED_FOR. I was unable to pass custom environment variables by adding them to the rewrite rule:
RewriteRule ... [P,QSA,L,E=foo:bar]
Any thoughts?

Try using the RequestHeader directive to put REMOTE_USER in an HTTP header. This seems to have worked for the folks in this thread:
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule . - [E=RU:%1]
RequestHeader add X-Forwarded-User %{RU}e

Related

How to fix redirect chain issue using htacces

there is a redirect chain issue on my website, regarding ahref testing tool: http://www.website.com/ ; http://website.com/ ; https://www.website.com/.
https://website.com/ - I use this link.
This code is written in the htaccess file, which probably cause the problem:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
Header set Strict-Transport-Security: "max-age=31442830; includeSubDomains; preload"
The htaccess logic above should not cause a redirect unless you have a Cloudflare integration or Proxy that does not pass the secure protocol along to the apache server
if you have WordPress then a redirect can be made internally

Apache 2.2.15 with WSS proxy rules issue

Having a problem with 2.2.15 Apache using wws (web socket) rules.
To get 2.2.15 Apache to support web socket, we followed this guide "http://notmyitblog.blogspot.ie/2014/03/websockets-support-for-apache-httpd.html" and have successfully created the module + added it to Apache.
At this point, Apache is throwing a 502 error when we try to access a page using this.
We are not sure where in the overall httpd.conf file this rule should go.
The aim is to configure a chatbot application that runs using ruby-on-rails.
Our application is split between an Application server running ruby-on-rails on puma (10.1.1.2) and this Apache server (10.1.1.1).
Our httpd.conf contains:
<VirtualHost 10.1.1.1:80>
Server Name hostname
ServerAlias www.our.url>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/cable [NC,OR]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
RewriteRule .* wss://10.1.1.2:3000%{REQUEST_URI} [P,QSA,L]
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule .* http://10.1.1.2:3000%{REQUEST_URI} [P,QSA,L]
RequestHeader set X-Forwarded-Proto "https"
<Location /cable>
Require all granted
ProxyPassReverse wss://10.1.1.2:3000/cable
ProxyPassReverseCookieDomain 10.1.1.2 www.our.url
</Location>
</VirtualHost>
Is this format correct? Are any other configuration changes needed for this to take effect?
Is there any sort of test that can be done at server level to verify that the ws is configured and working?

www to http resolve for Rails app on passenger

I am running a rails app on phusion passenger. I want to resolve all www addresses to http for SEO benefits.
I am using phusion along with the apache server and for performance benefits would like the redirect to be in the httpd.conf file instead of the .htaccess file. I added the redirect in the httpd.conf file but it redirects to the public folder of the application on every url request. I wrote to my hosting provider and got the following response:
Since passenger is configured for your rails application via .htaccess, the direct rules through htaccess will not work. But, htaccess directs will work fine with non rails applications.
If you really wish to redirect www.xyz.com to xyz.com, you have to add a code similar to the following in your application.
-------
before_filter :check_uri
def check_uri
if /^www/.match(request.host)
redirect_to request.protocol + request.host_with_port[4..-1] + request.request_uri
end
end
I think this is not good for performance of the application. Is there any way I can redirect from the httpd.conf file itself?
Here is the httpd.conf file:
This redirects www to the public folder instead of http
<Directory "/home/xyz">
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
RewriteRule ^(.*)$ http://%1/$1 [R=301,L]
</Directory>
<VirtualHost 1.1.1.1:80>
SuexecUserGroup "#500" "#501"
ServerName xyz.com
ServerAlias www.xyz.com
ServerAlias webmail.xyz.com
ServerAlias admin.xyz.com
#DocumentRoot /home/xyz/public_html
DocumentRoot /home/xyz/public
DirectoryIndex index.html index.htm index.php index.php4 index.php5
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.xyz.com
RewriteRule ^(.*) https://xyz.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.xyz.com
RewriteRule ^(.*) https://xyz.com:10000/ [R]
RemoveHandler .php
RemoveHandler .php5
IPCCommTimeout 31
FcgidMaxRequestLen 1073741824
<Files awstats.pl>
AuthName "xyz.com statistics"
AuthType Basic
AuthUserFile /home/xyz/.awstats-htpasswd
require valid-user
</Files>
Alias /dav /home/xyz/public_html
<Location /dav>
DAV on
AuthType Basic
AuthName "xyz.com"
AuthUserFile /home/xyz/etc/dav.digest.passwd
Require valid-user
ForceType text/plain
Satisfy All
RemoveHandler .php
RemoveHandler .php5
RewriteEngine off
</Location>
</VirtualHost>

Symfony 1.4 Error 400 on the home page in prod env (not in dev env)

I have made an tested an application on my computer and all is working fine (I used only the dev environment via the frontend_dev.php page).
When I deploy this application on the test server, I have the error 400 Bad Request below:
Bad Request
Your browser sent a request that this server could not understand.
I accessed to the website with the normal URL.
I'm using symfony 1.4 with doctrine (no others plugins are involved), wamp 2 (php 5.3, apache 2.0.59).
If I try to access the application with the dev environment, it works.
Try checking if the no_script property on your application setting.yml file. If should be set to False, clear cache and try again
Thank you very much Guiman. You have leaded me to the answer.
The no_script_name property wasn't the origin of the problem. Instead, I have my .htaccess in the web directory which was badly generated (I swear on my pet's head that I haven't edited this file before). Below is the file generated by symfony (the bold attribute isn't working within the code one, look at the last line):
Options +FollowSymLinks +ExecCGI
<IfModule mod_rewrite.c>
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
#RewriteBase /
# we skip all files with .something
#RewriteCond %{REQUEST_URI} \..+$
#RewriteCond %{REQUEST_URI} !\.html$
#RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>
And this is the updated one (again, look at the last line):
Options +FollowSymLinks +ExecCGI
<IfModule mod_rewrite.c>
RewriteEngine On
# uncomment the following line, if you are having trouble
# getting no_script_name to work
#RewriteBase /
# we skip all files with .something
#RewriteCond %{REQUEST_URI} \..+$
#RewriteCond %{REQUEST_URI} !\.html$
#RewriteRule .* - [L]
# we check if the .html version is here (caching)
RewriteRule ^$ index.html [QSA]
RewriteRule ^([^.]+)$ $1.html [QSA]
RewriteCond %{REQUEST_FILENAME} !-f
# no, so we redirect to our front web controller
RewriteRule ^(.*)$ **/myApp/index.php** [QSA,L]
</IfModule>
I don't know what happened but I will check on the symfony website I there are similar issues.

Apache + Mongrel Cluster = Wrong server config!

I'm trying to get Ruby on Rails going on a Windows 2003 Server. I've installed the Mongrel service and Apache (and RoR, etc).
When I serve an app using just Mongrel, everything comes up perfectly.
So, now I am down to the Apache configuration... Apparently I can't seem to get that right. When I visit my pages, I am returned the correct HTML, but it's returned with the Content-Type set to text/plain instead of html or xhtml... In addition, If I try to get to one of the css pages, I get a 500 Internal Server error (served back as HTML, returned with the text/plain Content-Type).
Here is my Virtual Host file (Any help would be VERY VERY VERY appreciated!):
NameVirtualHost *:8080
#Proxy balancer section (create one for each ruby app cluster)
<Proxy balancer://myapp_cluster>
Order allow,deny
Allow from all
BalancerMember http://rails.localdomain.com:3010
#BalancerMember http://myapp:3011
</Proxy>
#Virtual host section (create one for each ruby app you need to publish)
<VirtualHost *:8080>
ServerName rails.localdomain.com
DocumentRoot c:/www/app/public/
<Directory c:/www/app/public/ >
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ProxyRequests Off
ProxyPass / balancer://myapp_cluster
ProxyPassReverse / balancer://myapp_cluster
ProxyPreserveHost On
#SetOutputFilter INFLATE;DEFLATE
#SetOutputFilter proxy-html
#log files
ErrorLog c:/www/log/app_error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog c:/www/log/app_access.log combined
#Rewrite stuff
RewriteEngine On
# Check for maintenance file and redirect all requests
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteRule ^.*$ /system/maintenance.html [L]
# Rewrite index to check for static
RewriteRule ^/$ /index.html [QSA]
# Rewrite to check for Rails cached page
RewriteRule ^([^.]+)$ $1.html [QSA]
# Redirect all non-static requests to cluster
RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
RewriteRule ^/(.*)$ balancer://myapp_cluster%{REQUEST_URI} [P,QSA,L]
# Deflate
#AddOutputFilterByType DEFLATE text/html text/plain text/xml application/xml application/xhtml+xml text/javascript text/css
#BrowserMatch ^Mozilla/4 gzip-only-text/html
#BrowserMatch ^Mozilla/4\.0[678] no-gzip
#BrowserMatch \\bMSIE !no-gzip !gzip-only-text/html
</VirtualHost>
OK, here's part of the answer. This part deals with the .css and .js files. Apparently it relates to trailing slashes... I had to remove some slashes and add some others...
Removed:
DocumentRoot c:/www/app/public
<Directory c:/www/app/public >
Added:
ProxyPass / balancer://myapp_cluster/
ProxyPassReverse / balancer://myapp_cluster/
Now I can pull up the .css and .js files just fine...
HOWEVER: I am still having the issue of Apache NOT sending the right headers. Right inside the HTML that I'm returning I have this:
But it's STILL returning text/plain (the DefaultType as set in the httpd.conf).
PLEASE, if anyone has any ideas, let me know!!!!!
Thanks
I heavily recommend a linux host for RoR. Unicorn and Passenger are way better tools than mongrel clusters. See github blog post about it.

Resources